FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

BIND -- Remote Denial of Service vulnerability

Affected packages
bind99 < 9.9.9P3
bind910 < 9.10.4P3
bind911 < 9.11.0.rc3
bind9-devel < 9.12.0.a.2016.09.10
9.3 <= FreeBSD < 9.3_48

Details

VuXML ID c8d902b1-8550-11e6-81e7-d050996490d0
Discovery 2016-09-27
Entry 2016-09-28
Modified 2016-10-10

ISC reports:

Testing by ISC has uncovered a critical error condition which can occur when a nameserver is constructing a response. A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that meets certain criteria.

References

CVE Name CVE-2016-2776
FreeBSD Advisory SA-16:28.bind
URL https://kb.isc.org/article/AA-01419